Tag Archives: health care

The Private Social Network for healthcare

In his post on the Pathcare blog, I trust you to keep this private, Danny Lieberman talked about the roles that trust, security and privacy play in online healthcare interactions. In this post, Danny talks about healthcare privacy challenges in social networks and describes how to implement a private social network for healthcare without government privacy regulation and IT balls and chains.

Online interactions with our HMO

We have online interactions with our healthcare organizations; accessing a Web portal for medical history, scheduling visits etc. Our PHI (protected healthcare information) is hopefully well-secured by our healthcare provider under government regulation (HIPAA in the US, and the Data Protection Directive in the EU). Albeit in the name of privacy, healthcare providers often take security to absurd extremes, witness the following anecdote:

I tried using online medical services with my provider in Hawaii but they could not respond due to my not being in Hawaii. What good is online diagnostic services when the patient is not in his/her home state?

Well now, I thought, that’s why Al Gore invented the Internet so that we could access healthcare services anywhere, anytime. Guess not. With our healthcare provider, we interact with the IT department. Bummer. On Facebook we interact with our friends. Compassion.

A healthcare provider’s business model requires them to protect your health information from disclosure. This is generally interpreted as doing as little as possible to help you be healthy. Social media business models require them to maximize distribution of your content. This means that your privacy is up to you and the people you connect with.

It seems obvious to me, that privacy regulation cannot work in social media because the connectivity is so high. There is no central data center where you can install an IPS and DLP systems and implement all of HIPAA CFR 45 Appendix A administrative, physical and technical safeguards. In that case, let’s get back to basics. We agree that privacy in our healthcare interactions is critical.

What is privacy?

pri·va·cy/ˈprīvəsē/

  1. The state or condition of being free from being observed or disturbed by other people.
  2. The state of being free from public attention

Healthcare privacy by design

Just like you are alone with your doctor in his office,we can build a private social network where the topology of the network guarantees privacy. We describe a star topology where one doctor interacting with many patients. We guarantee online privacy in our star topology network with 3 simple principles;

  1. Each doctor has his own private network of patients.
  2. In the private network, patients do not interact with other patients (interact as in friending, messaging etc.). We can expand the definition a bit by allowing a patient to friend another person in a caregiver role, but this is the only exception to the rule.
  3. A doctors private network does not overlap with other doctor networks, although doctors connect with each other for referrals.

This is a private network for healthcare by design.

What makes it a private social network, is the use of the same social apps we use in social media like Twitter and Facebook: friending, short messaging, status updates, groups, content sharing and commenting/liking.

A doctor uses a private social network for healthcare with the same 3 basic primitives of public social networking: Connect (or friend), Follow and Share.

One of the things that excites me the most about private social networks for healthcare is the potential to make the information technology go away and put the focus back on the patient-physican interaction and quality of clinical care.

  • Doctors save time in interviews because patients can record events and experiences before they come in to the office.
  • Data is more accurate since patients can record critical events like falls and BP drops, in proximity to the event itself.
  • Better data makes physician decisions easier and faster.
  • Better data is good for health and easier and faster is good for business.

What a beautiful business model – compassion, care and great business!

Tell your friends and colleagues about us. Thanks!
Share this

How to keep secrets in healthcare online


The roles of trust, security and privacy in healthcare.  If President Obama had told his psychiatrist he was gay, you can bet that it would be on Facebook in 5′. So much for privacy.

pri·va·cy/ˈprīvəsē/

Noun:

The state or condition of being free from being observed or disturbed by other people.

The state of being free from public attention

When it comes to healthcare information, there have always been two circles of trust – the trust relationship with your physician and the trust that you place in your healthcare provider/insurance company/government health service.

With social networks like Facebook, a third circle of trust has been created: the circle of trust between you and your friends in the social network.

Patient-doctor privacy

When we share our medical situation with our doctor, we assume we can trust her to keep it private in order to help us get well. Otherwise – we might never share information regarding thoses pains in in the right side over our abdomen, and discover after an ultrasound has been done, that our fatty liver is closely related to imbibing too many pints of beer and vodka chasers with the mates after work – when you have been telling the missus that you are working late at the office.

Healthcare provider – patient privacy

When we share medical information with our healthcare provider, we trust their information security as being strong enough to protect our medical information from a data breach. Certainly – as consumers of healthcare services, it’s impossible for us to audit the effectiveness of their security portfolio.

With our healthcare provider, revealing personal information depends on how much we trust them and that trust depends on how good a job they do on information security, and how effectively they implemented the right management, technical and physical safeguards.

If you’re not sure about the privacy, trust and security triangle, just consider Swiss banks.

Millions of people have online healthcare interactions – asking doctors questions onlines, sharing experiences in forums, interacting with doctors using social media tools like blogs and groups and of course – asking Dr. Google.

Privacy among friends

When we share medical information with our friends on Facebook/Google+ or Twitter we trust them to keep it private within our own personal parameters of vulnerability analysis.

Note that there is feeling secure (but not being secure – chatting about your career in crime on Facebook) and being secure while not feeling secure (not wanting to use your credit card online – face it, with over 300 million credit cards breached in the past 5 years, chances are, your credit card is out there and it doesn’t seem to make a difference now, does it?).

Trust between 2 people interacting (whether its face-to-face or on Facebook) is key to sharing sensitive information, since it mitigates or eliminates the damage of unexpected disclosure.

Let’s illustrate the notion of personal trust as a security countermeasure for unexpected disclosure with a story:

Larry interacts with his lawyer Sarah regularly, once a week or more. It’s a professional relationship, and over time, Larry and Sarah gain each others trust, and in addition to contracts and commercial terms and conditions, the conversations encompass children, career and life. Larry knows Sarah is divorced and is empathetic to the challenges of being a full-time mother and corporate lawyer. Come end of year, Larry sends Sarah a box of chocolate wishing her a successful and prosperous New Year. Sarah’s 14 year old daughter, who is pushing her to start dating again, sees the gift package and draws conclusions that Mom has a new beau. Sarah now has to go into damage control mode with a teenage daughter. It may take Larry months (if ever…) to regain the trust of his colleague. This is literally the damage of unexpected disclosure of private information.

Unlike a healthcare provider, on Facebook we only interact with our friends.

We have digital interactions with our healthcare provider, accessing a Web portal for medical history, scheduling visits and lab tests online etc. These are interactions unrelated to the personal relationship with our physician. The data in these interactions is regulated by governments and secured by healthcare provider information security organizations.

Your healthcare provider’s business model requires them to protect your health information from disclosure.

In our digital interactions on Facebook or Twitter,  there is no organizational element to the security, trust and privacy equation only the personal element. This is because your Gmail, tweets and Facebook conversations are the content that drives Google, Twitter and Facebook advertising revenues.

Social media business models require them to distribute as much of your content as possible.

So, is there a reasonable solution to ensure private healthcare interactions on social networks?

The answer,  I believe, lies in getting back to the dictionary definition of privacy, and creating a private social network for healthcare that enables you, your doctor and family to “be free from being observed or disturbed by other people”.

Tell your friends and colleagues about us. Thanks!
Share this

How to secure patient data in a healthcare organization

If you are a HIPAA covered entity or a business associate vendor to a HIPAA covered entity the question of HIPAA – the question of securing patient data is central to your business.  If you are a big organization, you probably don’t need my advice – since you have a lot of money to spend on expensive security and compliance consultants.

But – if you are small to mid-size hospital or nursing home or medical device vendor without large budgets for security compliance, the natural question you ask is “How can I do this for as little money as possible?”

You can do some research online and then hire a HIPAA security and compliance consultant who will walk you through the security safeguards in CFR 45 Appendix A and help you implement as many items as possible.  This seems like a reasonable approach, but the more safeguards you implement, the more money you spend and moreover, you do not necessarily know if your security has improved –since you have not examined your value at risk – i.e how much money it will cost you if you have a data security breach.

If you read CFR 45 Appendix A carefully, you will note that the standard wants you to do a top-down risk analysis, risk management and periodic information security activity review.

The best way to do that top down risk analysis is to build probable threat scenarios – considering what could go wrong – employees stealing a hard disk from a nursing station in an ICU where a celebrity is recuperating for the information or a hacker sniffing the hospital wired LAN for PHI.

Threat scenarios as an alternative to compliance control policies

When we perform a software security assessment of a medical device or healthcare system, we think in terms of “threat scenarios” or “attack scenarios”, and the result of that thinking manifests itself in planning, penetration testing, security countermeasures, and follow-up for compliance. The threat scenarios are not “one size fits all”.  The threat scenarios for an AIDS testing lab using medical devices that automatically scan and analyze blood samples, or an Army hospital using a networked brain scanning device to diagnose soldiers with head injuries, or an implanted cardiac device with mobile connectivity are all totally different.

We evaluate the medical device or healthcare product from an attacker point of view, then from the management team point of view, and then recommend specific cost-effective, security countermeasures to mitigate the damage from the most likely attacks.

In our experience, building a security portfolio on attack scenarios has 3 clear benefits;
  1. A robust, cost-effective security portfolio based on attack analysis  results in robust compliance over time.
  2. Executives related well to the concepts of threat modeling / attack analysis. Competing, understanding the value of their assets, taking risks and protecting themselves from attackers is really, at the end of the day why executives get the big bucks.
  3. Threat scenarios are a common language between IT, security operations teams and the business line managers

This last benefit is extremely important in your healthcare organization, since business delegates security to IT and IT delegates security to the security operations teams.

As I wrote in a previous essay “The valley of death between IT and security“, there is a fundamental disconnect between IT operations (built on maintaining predictable business processes) and security operations (built on mitigating vulnerabilities).

Business executives delegate information systems to IT and information security to security people on the tacit assumption that they are the experts in information systems and security.  This is a necessary but not sufficient condition.

In the current environment of rapidly evolving types of attacks (hacktivisim, nation-state attacks, credit card attacks mounted by organized crime, script kiddies, competitors and malicious insiders and more…), it is essential that IT and security communicate effectively regarding the types of attacks that their organization may face and what is the potential business impact.

If you have any doubt about the importance of IT and security talking to each other, consider that leading up to 9/11, the CIA  had intelligence on Al Qaeda terrorists and the FBI investigated people taking flying lessons, but no one asked the question why Arabs were learning to fly planes but not land them.

With this fundamental disconnect between 2 key maintainers of information protection, it is no wonder that organizations are having difficulty effectively protecting their assets – whether Web site availability for an online business, PHI for a healthcare organization or intellectual property for an advanced technology firm.

IT and security  need a common language to execute their mission, and I submit that building the security portfolio around most likely threat scenarios from an attacker perspective is the best way to cross that valley of death.

There seems to be a tacit assumption with many executives that regulatory compliance is already a common language of security for an organization.  Compliance is a good thing as it drives organizations to take action on vulnerabilities but compliance checklists like PCI DSS 2.0, the HIPAA security rule, NIST 800 etc, are a dangerous replacement for thinking through the most likely threats to your business.  I have written about insecurity by compliance here and here.

Let me illustrate why compliance control policies are not the common language we need by taking an example from another compliance area – credit cards.

PCI DSS 2.0 has an obsessive preoccupation with anti-virus.  It does not matter if you have a 16 quad-core Linux database server that is not attached the Internet with no removable device nor Windows connectivity. PCI DSS 2.0 wants you to install ClamAV and open the server up to the Internet for the daily anti-virus signature updates. This is an example of a compliance control policy that is not rooted in a probable threat scenario that creates additional vulnerabilities for the business.

Now, consider some deeper ramifications of compliance control policy-based security.

When a  QSA or HIPAA auditor records an encounter with a customer, he records the planning, penetration testing, controls, and follow-up, not under a threat scenario, but under a control item (like access control). The next auditor that reviews the  compliance posture of the business  needs to read about the planning, testing, controls, and follow-up and then reverse-engineer the process to arrive at which threats are exploiting which vulnerabilities.

Other actors such as government agencies (DHS for example) and security researchers go through the same process. They all have their own methods of churning through the planning, test results, controls, and follow-up, to reverse-engineer the data in order to arrive at which threats are exploiting which vulnerabilities.

This ongoing process of “reverse-engineering” is the root cause for a series of additional problems:

  • Lack of overview of the the security threats and vulnerabilities that really count
  • No sufficient connection to best practice security controls, no indication on which controls to follow or which have been followed
  • No connection between controls and security events, except circumstantial
  • No ability to detect and warn for negative interactions between countermeasures (for example – configuring a firewall that blocks Internet access but also blocks operating system updates and enables malicious insiders or outsiders to back-door into the systems from inside the network and compromise  firewalled services).
  • No archiving or demoting of less important and solved threat scenarios (since the data models are control based)
  • Lack of overview of security status of a particular business, only a series of historical observations disclosed or not disclosed.  Is Bank of America getting better at data security or worse?
  • An excess of event data that cannot possibly be read by the security and risk analyst at every encounter
  • Confidentiality and privacy borders are hard to define since the border definitions are networks, systems and applications not confidentiality and privacy.

Using value at risk to figure out how much a breach will really cost you

Your threat scenarios must consider asset (your patient information, systems, management attention, reputation) values, vulnerabilities, threats and possible security countermeasures. Threat analysis as a methodology does not look for ROI or ROSI (there is no ROI for security anyhow) but considers the best and cheapest way to reduce asset value at risk.

And – as we opened the article – the question is  “How can I do this for as little money as possible?”

Tell your friends and colleagues about us. Thanks!
Share this

Anatonme – a hand held device for improving patient-doctor communications

From a recent article in Healthcare Global.

Studies suggest that 30-50 percent of patients are likely to give up treatments early.  Microsoft Research has developed an innovative, hand-held medical device called Anatonme to help patients understand their issue and complete their treatment plan more often.

We’ve been doing research and development into private, controlled social networking to reinforce private communications between doctor and patient. It’s gratifying to see Microsoft Research doing work in this area.

Private social networking for doctors and patients provides highly effective secure data sharing between doctors and patients. It allows patient-mediated input of data before visits to the office, making the clinical data more accurate and complete and boosting the trust between doctor/healthcare worker and patient.

A private social network has a controlled 1 to N (doctor to patients) topology and physiological and emotional context, unlike Facebook that has a distracting social graph and entertainment context.

A private social network for doctors and patients also provides powerful information exchange and search:

  1. Capture critical events on a timeline (for example blood pressure, dizziness etc) that enables the doctor to respond in a timely fashion.
  2. Reconciles differences between what the doctor ordered and what the patient did.
  3. Granular access control for sharing of data between doctor, patient and referrals.

If you’re interested in hearing more – contact us.

Tell your friends and colleagues about us. Thanks!
Share this

Problems in current Electronic Health Record systems

Software Associates specializes in helping medical device and healthcare technology vendors achieve HIPAA compliance and improve the data and software security of their products in hospital and mobile environments.

As I noted here and here, the security and compliance industry is no different from other industries in having fashion and trends.  Two years ago, PHR (Personal Health Records) systems were fashionable and today they’re not – probably because the business model for PHR applications is unclear and unproven.

Outside of the personal fitness and weight-loss space, it’s doubtful that consumers will pay  money for a Web 2.0 PHR application service to help them store  personal health information especially when they are paying their doctor/insurance company/HMO for  services. The bad news for PHR startups is that it’s not really an app that runs well on Facebook and on the other hand, the average startup is not geared to do big 18-24 month sales cycles with HCP (health care providers) and insurance companies.  But – really, business models is the least of our problems.

There are 3 cardinal  issues with the current generation of EHR/EMR systems.

  1. EHR (Electronic Health Records) systems address the business IT needs of government agencies, hospitals, organizations and medical practices, not the healthcare needs of patients.
  2. PHR (Personal Health Records) systems are not integrated with the doctor-patient workflow.
  3. EHR systems are built on natural language, not on patient-issue.

EHR – Systems are focused on business IT, not patient health

EHR systems are enterprise software applications that serve the business IT elements of helthcare delivery for healthcare providers and insurance companies; things like reducing transcription costs, saving on regulatory documentation, electronic prescriptions and electronic record interchange.1

This clearly does not have much to do with improving patient health and quality of life.

EHR systems also store large volumes of information about diseases and symptoms in natural language, codified using standards like SNOMED-CT2. Codification is intended to serve as a standard for system interoperability and enable machine-readability and analysis of records, leading to improved diagnosis.

However, it is impossible to achieve a meaningful machine diagnosis of natural language interview data that was uncertain to begin with, and not collected and validated using evidence-based methods3.

PHR – does not improve the quality of communications with the doctor

PHR (Personal Health Records) on the other are intended to help patients keep track of their personal health information. The definition of a PHR is still evolving. For some, it is a tool to view patient information in the EHR. Others have developed personal applications such as appointment scheduling and medication renewals. Some solutions such as Microsoft HealthVault and PatientsLikeMe allow data to be shared with other applications or specific people.

PHR applications have a lot to offer the consumer, but even award-winning applications like Epocrates that offer “clinical content” are not integrated with the doctor-patient workflow.

Today, the health care system does not appropriately recognize the critical role that a patient’s personal experience and day-to-day activities play in treatment and health maintenance. Patients are experts at their personal experience; clinicians are experts at clinical care. To achieve better health outcomes, both patients and clinicians will need information from both domains– and technology can play a key role in bridging this information gap.”4

 EHR – builds on natural language, not on patient issues

When a doctor examines and treats a patient, he thinks in terms of “issues”, and the result of that thinking manifests itself in planning, tests, therapies, and follow-up.

In current EHR systems, when a doctor records an encounter, he records planning, tests, therapies, and follow-up, just not under the main entity, the issue. The next doctor that sees the patient needs to read about the planning, tests, therapies, and follow-up and then mentally reverse-engineer the process to arrive at which issue is ongoing. Again, he manages the patient according to that issue and records information, but not under the main “issue” entity.

Other actors such as public health registries and epidemiological researchers go through the same process. They all have their own methods of churning through planning, tests, therapies, and follow-up, to reverse-engineer the data in order to arrive at what the issue is.

This ongoing process of “reverse-engineering” is the root cause for a series of additional problems:

  • Lack of overview of the patient
  • No sufficient connection to clinical guidelines, no indication on which guidelines to follow or which have been followed
  • No connection between prescriptions and diseases, except circumstantial
  • No ability to detect and warn for contraindications
  • No archiving or demoting of less important and solved problems
  • Lack of overview of status of the patient, only a series of historical observations
  • In most systems, no sufficient search capabilities
  • An excess of textual data that cannot possibly be read by every doctor at every encounter
  • Confidentiality borders are very hard to define
  • Very rigid and closed interfaces, making extension with custom functionality very difficult

4 Patricia Brennan, “Incorporating Patient-generated Data in meaningful use of HIT” http://healthit.hhs.gov/portal/server.pt/

Tell your friends and colleagues about us. Thanks!
Share this
Federal Healthcare Chart

Healthcare data interoperability pain

Data without interoperability =  pain.

What is happening in the US healthcare space is fascinating as stimulus funds (or what they call in the Middle East – “baksheesh”) are being paid to doctors to acquire an Electronic Health Records system that has “meaningful use”. The term “meaningful use” is vaguely  defined in the stimulus bill as programs that can enable data interchange, e-prescribing and quality indicators.

Our hospital recently spent millions on a emr that does not integrate with any outpatient emr. Where is the data exchanger and who deploys it? What button is clicked to make this happen! My practice is currently changing its emr. We are paying big bucks for partial data migration. All the assurances we had about data portability when we purchased our original emr were exaggerated to make a sale. Industry should have standards. In construction there are 2×4 ‘s , not 2×3.5 ‘s.
Government should not impinge on privacy and free trade but they absolutely have a key role in creating standards that ensure safety and promote growth in industry.
Read more here:  Healthcare interoperatbility pains

Mr Obama’s biggest weakness is that he has huge visions but he can’t be bothered with the details so he lets his team and party members hack out implementations, which is why his healthcare initiatives are on a very shaky footing – as the above doctor aptly noted.  But perhaps something more profound is at work. The stimulus bill does not mention standards as a pre-requisite for EHR, and I assume that the tacit assumption (like many things American) is that standards will “happen” due to the power of free markets. This is at odds with Mr. Obama’s political agenda of big socialistic government with central planning. As the doctor said: “government absolutely (must) have a key role in creating standards that ensure safety and promote growth in industry”.  The expectation that this administration set is that they will take care of things, not that free markets will take care of things.  In the meantime, standards are being developed by private-public partnerships like HITSP – enabling healthcare interoperability

The Healthcare Information Technology Standards Panel (HITSP) is a cooperative partnership between the public and private sectors. The Panel was formed for the purpose of harmonizing and integrating standards that will meet clinical and business needs for sharing information among organizations and systems.

It’s notable that HITSP stresses their mission as meeting clinical and business needs for sharing information among organizations and systems.   The managed-care organizations call people consumers so that they don’t have to think of them as patients.

I have written here, here and here about the drawbacks of packaging Federal money, defense contractors and industry lobbies as “private-public partnerships”.

You can give a doctor $20k of Federal money to buy EMR software, but if it doesn’t interact with the most important data source of all (the patient), everyone’s ROI (the doctor, the patient and the government) will approach zero.

Vendor-neutral standards are key to interoperability. If the Internet were built to HITSP style standards, there would be islands of Internet connectivity and back-patting press-releases, but no Internet.

The best vendor-neutral standards we have today are created by the IETF – a private group of volunteers, not by a “private-public partnership”.

The Internet Engineering Task Force (IETF) is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet. It is open to any interested individual. The IETF Mission Statement is documented in RFC 3935.

However – vendor-neutral standards are a necessary but insufficient condition for “meaningful use” of data.  There also has to be fast, cheap and easy to use access in the “last mile”.  In healthcare – the last mile is the patient-doctor interaction.

About 10-15 years ago, interoperability in the telecommunications and  B2B spaces was based on an EDI paradigm with centralized messaging hubs for system to system document interchange. As mobile evolved into 3G, cellular applications made a hard shift to a distributed paradigm with middleware-enabled interoperability from a consumer handset to all kinds of 3G services – location, games, billing, accounting etc running at the operator and it’s content partners.

The healthcare industry is still at the EDI stage of development – as we can see from organizations like WEDI and HIMSS

The Workgroup for Electronic Data Interchange (WEDI)

Improve the administrative efficiency, quality and cost effectiveness of healthcare through the implementation of business strategies for electronic record-keeping, and information exchange and management...provide multi-stakeholder leadership and guidance to the healthcare industry on how to use and leverage the industry’s collective technology, knowledge, expertise and information resources to improve the administrative efficiency, quality and cost effectiveness of healthcare information.

What happened to quality and effectiveness of patient-care?

It is not about IT and cost-effectiveness of information (whatever that means). It’s about getting the doctor and her patient exactly the data they need when they need it.   That’s why the doctor went to medical school.

Compare EDI-style message-hub centric protocols to RSS/Atom on the Web where any Web site can publish content and any endpoint (browser or tablet device) can subscribe easily. As far as I can see, the EHR space is still dominated by the  “message hub, system-system, health-provider to health provider to insurance company to government agency” model, while in the meantime, tablets are popping everywhere with interesting medical applications. All these interesting applications will not be worth much if they don’t interact enable the patient and doctor to share the data.

Imagine the impact of IETF style standards, lightweight protocols (like RSS/Atom) and $50 tablets running data sharing apps between doctors and patients.

Imagine vendor-neutral, standard middleware for  EHR applications that would expose data for patients and doctors using an encrypted Atom protocol – very simple, very easy to implement, easy to secure and with very clear privacy boundaries. Perhaps not my first choice for sharing radiology data but a great way to share vital signs and significant events like falling and BP drops.

This would be the big game changer  for the entire healthcare industry.  Not baksheesh. Not EDI. Not private-public partnerships.

Tell your friends and colleagues about us. Thanks!
Share this

Threats on personal health information

A recent HIPAA violation in Canada  where an imaging technician accessed the medical records of her ex-husband’s girlfriend comes as no surprise to me. Data leakage of ePHI in hospitals is rampant simply because a) there is a lot of it floating around and b) because of human nature.  Humans being naturally curious, sometimes vindictive and always worried when it comes to the health condition of friends and family will bend the rules to get information.   HIPAA risk and compliance assessments that we’ve been involved with at hospitals in Israel, the US and Australia consistently show that the number one attack vector on PHI is friends and family, not hackers.

Courtesy of my friend Alan Norquist from Veriphyr

Information and Privacy Commissioner Ann Cavoukian ordered a Hospital in Ottawa to tighten rules on electronic personal health information (ePHI) due to the hospital’s failure to comply with the Personal Health Information Protection Act (PHIPA).

The actions taken to prevent the unauthorized use and disclosure by employees in this hospital have not been effective.” – Information and Privacy Commissioner Ann Cavoukian

The problem began when one of the hospital’s diagnostic imaging technologists accessed the medical records of her ex-husband’s girlfriend. At the time of the snooping, the girlfriend was at the hospital being treated for a miscarriage.

Commissioner Cavoukian faulted the hospital for:

  • Failing to inform the victim of any disciplinary action against the perpetrator.
  • Not reporting the breach to the appropriate professional regulatory college.
  • Not following up with an investigation to determine if policy changes were required.

The aggrieved individual has the right to a complete accounting of what has occurred. In many cases, the aggrieved parties will not find closure … unless all the details of the investigation have been disclosed.” – Information and Privacy Commissioner Ann Cavoukian

It was not the hospital but the victim who instigated an investigation. The hospital determined that the diagnostic imaging technologists had accessed the victim’s medical files six times over 10 months.

The information inapprorpriately accessed included “doctors’ and nurses’ notes and reports, diagnostic imaging, laboratory results, the health number of the complainant, contact details … and scheduled medical appointments.” – Information and Privacy Commissioner Report

Sources: 
(a) Privacy czar orders Ottawa Hospital to tighten rules on personal information – Ottawa Citizen, January, 2011

 

Tell your friends and colleagues about us. Thanks!
Share this

Research data integrity

I usually write about best practices and practical tools to prevent data theft, data loss and data leakage – since our professional services focus on data security in Central and Eastern Europe. Data security is, I guess a sub-specialty of security and compliance.

Security is chartered with ensuring the survival of a business and protecting it’s capability  to generate value for customers and share holders. The most effective security organizations  are integrated for enterprise protection of physical, information, system and employee assets.

But – I was reminded today that data security is not just about data loss prevention – it’s about ensuring confidentiality, integrity and availability of data in all 4 realms – physical, information, systems and employees.

From on article an MedScape today:

Fewer than half of the clinical trials reported in high-impact-factor journals are adequately registered, while nearly a third show “some evidence of selective outcome reporting,” according to research published September 2 in the Journal of the American Medical Association.

Selective outcome reporting – is a data security violation, tampering with the integrity of the data.

Only this time – it’s human lives not credit cards.

Yikes.

Tell your friends and colleagues about us. Thanks!
Share this